We wrote this to tell you about the personal and private data that we collect from you in this service and what we use it for. We believe that these topics matter to you the most, so we focus on them in this policy. For other aspects (international transfers, data subject rights, contact information, etc.) regarding the processing of your personal data, please see the F-Secure privacy statement, which applies to all of our services and to which this service-specific policy is an add-on.

What do we collect and what do we do with it?

Your private communications. Our guiding principle is that we do not seek to spy on the exact content of your private communications. We only analyze your communications traffic to provide you the service and to keep your data transfers clean. To be more exact, this means that:

we need to process some metadata (such as volume, country, IP address) of your traffic when providing the service to you;

as an information security company, we analyze the traffic for suspicious or malicious files and destinations (i.e. URLs);

we automatically screen the traffic to inhibit usage that is against our acceptable use policy; and

the service collects statistics to give you a view of your browsing history via the service, but we do not connect this information to you.

Service provisioning logging. When the service is taken into use or a license is modified at later stages of the lifecycle, the provisioning log data is collected. This is done in order to diagnose provisioning, detect abuse of the service, and as a precaution for disaster recovery in case it is needed. This log contains the IP address of the client, a random device ID generated by the service, the time of access, and the country code obtained via a GeoIP lookup of the client IP address.

Service logging. We do not keep any logs about connections established through the VPN service to external addresses. We cannot link the IP address of your browsing destination to you.

To protect the service against fraudulent use, we maintain temporary logs that contain the duration of the VPN sessions, the amount of data transferred, the device ID, public IP address, and host name from where the VPN client connects to our service. Traffic anomalies that look like a potential abuse of our service (such as port scanning or DDoS attacks performed by our clients) are detected by our software and will be logged as well. The logs are stored for 90 days prior to deletion, and can be used to deal with any misuse of our service or attacks against us.

Tracker Mapper. With the Tracker Mapper feature, you can choose to log the tracking data of your traffic for 24 hours. The log is required for displaying the blocked tracking attempts as a visual map to you. The Tracker Mapper log will be marked for deletion and detached from the user record once you start a new log, delete it manually, or automatically after 3 days.

Securing your device with Security Cloud. The service checks the reputation of your application files. If a file is not known to be safe, the service may send it to Security Cloud to be scanned. Once the file is scanned, Security Cloud sends the scan result back to the service. When the service scans content in Security Cloud, it does not collect any personal data. Scanned files are stored for a time necessary for Security Cloud to work as intended.

Security Cloud collects security data only on applications that do not have a known reputation and on files that are suspicious or known to be malware. The collected security data includes the package name, the current version and the origin of the file, and permissions that it requires. Private data is never sent. This is explained in more detail in the 'Security Cloud privacy policy'.

To protect your privacy, we separate the above security data from any other data collected on your use of the service, we treat it as anonymous, and we destroy it as soon as we no longer need it for the above purposes.

No back doors. This service and the underlying infrastructure are built to protect you from undesired spying – by governments, criminals, stalkers, or commercial entities. We do not build back doors to our services. We respect authorized court orders and warrants of jurisdictions applicable to us in investigating cases of illegal activity. After all, our goal is to secure your privacy when browsing the web, not securing your anonymity when committing crimes.

Customer relationship data

The Service collects a varying set of data depending on where you download or purchase the service.

Application stores: number of purchased licenses / purchase history for F-Secure products; price and time of purchase; order number; technical environment (e.g. operating system) of your device; unique identifiers (e.g. Android marketing identifier); service statistics per device; other similar non-sensitive device and service data.

Operator partner: If you have subscribed to the service via your operator, the data set we collect varies per operator partner, but is limited to the above data. We also exchange some such data with the operator to provide you with a smooth customer experience. This includes providing you with service support, communicating with you in a consistent manner, and keeping each other up to date on the status of your subscription.

Support. In cases where we provide you with personal support services, we may need to ask you for additional information.

Deliver, fix, and enhance. To deliver our services to you, maintain and develop our services and websites, and to provide help and support for the services.

Analyze. To track how our services are acquired and used so that we can improve the services, manage your customer relationship, and approach you with relevant messages.

Communicate. To send you information relating to the services, conduct customer surveys, arrange competitions, advertise and market our services to you. For more information, see the F-Secure privacy statement.

Regulatory. To prevent fraudulent activities, remove or stop sharing of illegal or infringing material, and comply with legal or regulatory requirements.

Legal grounds

We process your data so that we can provide you with our services that you have made a contract for or are in the process of doing so. Examples of data processing on these grounds are, for example data processed to empower the Browsing Protection and Tracking Protection features in the service as well as data processed for the management of your subscription. Such contracts may be made either directly with us or with another entity (such as our webstore or operator partner) that has tendered our services to you. Tendering of services may take the form of a purchase or be free of charge.

In the case of data that is not strictly necessary to provide you with the services – but would help us in providing you with better services in the long run – we collect such data only with your consent.

Operator partners

If you have subscribed to the service via your operator, we may collect your email, name, and phone number directly from the operator systems upon your subscription to our services. We also exchange such above listed data as is necessary (e.g. status of your subscription, data collected for resolving a technical support case) with the operator. We do this to provide you with a smooth customer experience and support services, and to communicate with you in a consistent manner.

With your permission, the operator may also access your account to provide you with customer support.

F-Secure also employs its affiliates and subcontractors based on the principles set out under "Transfers" in its privacy statement.

Retention

We store your account data based on the length of your subscription, as set out in more detail in the F-Secure privacy statement. Additionally, some data is subject to more limited data retention practices.

Service provisioning log entries are retained for one year, after which they are deleted.

Service log events for provisioned devices are retained for three months, after which they are deleted.

Tracker Mapper data is retained for 96 hours, after which it is deleted.

Some operators offering the services are subject to more comprehensive data retention obligations than F-Secure. In such cases we may collect additional service / traffic log data and retain it longer than set out above. The data is collected to assist the operator to comply with local laws and only for this purpose.

Analytics

For us to learn when and how you use our service, to enhance it, and to learn how customers find out about the service, the service also collects data on installation success, installation and activation paths, performance, operation environment, connections, data routing, quota, as well as other similar metadata (such as which features are used and how often). We do this so that we can create services that are of value to you and our other customers.

We do not seek to identify you personally from the analytics data. We are interested in the needs and behavior of our users as a part of the group, not in the names of those users.

Our primary interest is in building great services. Most of our analytics activity is geared towards this purpose. Our secondary interest is to better market these great services to the relevant audiences. For this, we aggregate anonymous data or use pseudonyms. To do these things we need to exchange device identifiers (such as ‘Android Marketing Identifier' and other like identifiers) with our online marketing partners. This may be visible to you in the type of ads that you see when browsing or using applications. This has no impact on the amount of ads you see in your online life.

To respect our own core privacy promise, we do not have these third-party usage analytics targeting your actual communications traffic.

You can naturally opt out from the majority of the collection and use of analytics data at any time in the service settings. However, you cannot opt out from some analytics data, such as installation success, installation and activation paths. A more wholesale method for preventing online advertisers from profiling your mobile device usage is to reset the advertising identifier from time to time and to turn on the do-not-track setting in your device settings.